Your social media posts are popular—with hackers

Digital risk monitoring vendors aim to minimize havoc wreaked by cyber scammers


Social media is embedded in our lives—Facebook alone reported 1.79 billion monthly active users as of September 2016—which means cyber criminals are not far behind.

As companies increasingly rely on this digital channel for marketing, recruiting, customer service and other business functions, social media has also become a highly effective vehicle for cyber attacks. Because it sits outside the corporate network perimeter and outside an organization’s control, it defeats traditional, perimeter-based security approaches.


A growing category of digital risk monitoring vendors, identified by Forrester Research Inc. in a recent quarterly Wave report, is catering to this problem. According to the report, digital channels—social, mobile, web and dark web—“are now ground zero for cyber, brand and even physical attacks.”

The ways in which cyber criminals weaponize these channels are limited only by their imagination. Attackers can create fake corporate accounts to harvest customer credentials, impersonate company executives, damage the brand’s reputation, and post legitimate-looking links that lead to malware.

According to Cisco’s 2016 annual security report, Facebook, for example, was the top mechanism last year for delivering malware, through social engineering, in order to gain access to organizational networks.

“(Social media) is a business technology platform and because it’s been adopted at all levels of business … organizations have to figure out how to protect it,” says Evan Blair, co-founder and chief business officer at ZeroFOX, a digital-risk monitoring (DRM) vendor launched in 2013.

Evan Blair, ZeroFOX co-founder and chief business officer

“And it’s a gold mine for intelligence on individuals,” he adds.

Social media—the ideal weapon

The sheer volume of traffic on social networks is a magnet not only for businesses but also for the criminal element.

According to the Pew Research Center, 79 percent of internet users are on Facebook, the most popular social network. About a third of internet users are on Instagram and a quarter are on Twitter.

Better click-through rates and lower advertising costs, among other things, are compelling companies to throw more money at social media advertising (Hootsuite estimates social media budgets have nearly doubled, from $16 billion in 2014 to $31 billion in 2016).

But it’s not just the growing number of users and increased brand presence that create an attractive playground for bad actors. It’s easy to create new accounts and instantly attract followers—which makes social media an easier channel than email for reaching a massive number of people with a phishing attack.

Devin Redmond, Proofpoint general manager and vice president of digital risk and compliance solutions

“It’s a frictionless environment that allows you to communicate immediately,” says Devin Redmond, general manager and vice president of digital risk and compliance solutions for Proofpoint, another DRM vendor.

Adding to the problem is the fact that social media can be highly automated: the platforms were built on open APIs (application programming interfaces) that let third-party software read and post content programmatically, and attackers can use those same interfaces.

“Social media was built with automation in mind,” Blair says. “You can create an account that interacts completely autonomously.”

Email remains the medium of choice, but according to various security companies, email phishing is on the decline while social media phishing is growing.

Why organizations are at risk

Eric Olson, vice president of intelligence operations at LookingGlass, says what makes digital risk a high priority is the fact that it’s a business risk that touches multiple facets of an organization. It’s not just about cybersecurity—it also involves compliance, human resources and legal, among others.

He says it’s important for security practitioners to focus on the how — e.g. phishing — rather than the channel it came from.

Eric Olson, LookingGlass vice president of intelligence operations

“You have to be able to keep eyes in all the dark corners,” Olson says.

A technique Proofpoint identified in 2016 is angler phishing. Bad actors create a fake social media account on, say, Twitter, using stolen branding and a support-sounding name. They watch for customer service requests addressed to the legitimate account of a bank or a service like PayPal, then reply to the customer with a link to a lookalike website that asks for login credentials. Because the reply arrives in the customer’s own thread, from a handle that looks like the brand’s, the victim has little reason to doubt it.
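The monitoring logic a DRM vendor would run against that pattern can be sketched in a few rules: the reply sits in a thread that was addressed to an official brand handle, the replying account is not official but its name resembles one (homoglyphs such as a capital I for a lowercase l, brand names embedded in a support-style handle, one-character typos), and the reply links to a domain the brand does not own. The following is an added example written for this article, not code from Proofpoint or any other vendor named here; the brand handles, domains and the five-post thread are constructed, and the rules and thresholds are assumptions chosen for illustration.

```python
"""Heuristic detector for angler-phishing replies in a social-media thread.

Added example. Brand handles, domains and posts below are constructed.
"""
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse

# Assumed brand inventory (hypothetical): accounts the brand really controls
# and domains it is allowed to link to. A real deployment would load these
# from the brand's asset register.
OFFICIAL_HANDLES = {"askpaypal", "paypal"}
OFFICIAL_DOMAINS = {"paypal.com"}

# Characters attackers swap in to build lookalike handles, mapped back to the
# letter they imitate. Applied to both sides of every comparison, so the table
# only has to be consistent, not complete. Underscores are dropped.
_HOMOGLYPHS = str.maketrans(
    {"I": "l", "0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "_": None}
)
_MENTION_RE = re.compile(r"@(\w+)")
_URL_RE = re.compile(r"https?://[^\s<>\"']+")


@dataclass
class Post:
    post_id: int
    author: str
    text: str
    reply_to: Optional[int] = None  # post_id this post replies to, if any


def normalize_handle(handle: str) -> str:
    """Collapse a handle to the ASCII letters it visually resembles."""
    return handle.translate(_HOMOGLYPHS).lower()


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch one-character typosquats of a handle."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_official(handle: str) -> bool:
    return handle.lower() in OFFICIAL_HANDLES


def is_lookalike(handle: str) -> bool:
    """True for a non-official handle that embeds or nearly matches a brand handle."""
    if is_official(handle):
        return False
    norm = normalize_handle(handle)
    return any(off in norm or levenshtein(norm, off) <= 1 for off in OFFICIAL_HANDLES)


def extract_domains(text: str) -> list[str]:
    """Hostname of every URL in the text, lower-cased with a leading 'www.' removed."""
    domains = []
    for url in _URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower()
        domains.append(host[4:] if host.startswith("www.") else host)
    return domains


def is_official_domain(host: str) -> bool:
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def find_angler_replies(posts: list[Post]) -> dict[int, list[str]]:
    """Return {post_id: reasons} for replies that match the angler-phishing pattern.

    A reply is flagged only when all three hold: its parent post mentions an
    official handle (a support request aimed at the brand), its author is a
    lookalike handle, and it links to an off-brand domain. Reasons are kept so
    an analyst can see which rules fired.
    """
    by_id = {p.post_id: p for p in posts}
    flagged: dict[int, list[str]] = {}
    for p in posts:
        parent = by_id.get(p.reply_to) if p.reply_to is not None else None
        if parent is None:
            continue
        parent_mentions = {m.lower() for m in _MENTION_RE.findall(parent.text)}
        if not (parent_mentions & OFFICIAL_HANDLES):
            continue
        reasons = []
        if is_lookalike(p.author):
            reasons.append(f"lookalike handle @{p.author}")
        off_brand = [d for d in extract_domains(p.text) if not is_official_domain(d)]
        if off_brand:
            reasons.append("off-brand link(s): " + ", ".join(off_brand))
        if len(reasons) == 2:
            flagged[p.post_id] = reasons
    return flagged


# Constructed sample thread (not real posts). Post 2 uses a capital I in place
# of the lowercase l in "PayPal" and links to a lookalike domain.
SAMPLE_POSTS = [
    Post(1, "jane_doe", "@AskPayPal my account is locked and I can't log in, please help"),
    Post(2, "AskPayPaI_Help",
         "@jane_doe Sorry about that! Reset your password here: http://paypal-secure-login.com/verify", 1),
    Post(3, "AskPayPal", "@jane_doe Sorry to hear it. Please DM us the email on your account.", 1),
    Post(4, "bob_smith", "@jane_doe same thing happened to me, they fixed it in a day", 1),
    Post(5, "PayPal_Support", "@jane_doe see https://www.paypal.com/help for the reset steps", 1),
]

if __name__ == "__main__":
    for post_id, reasons in find_angler_replies(SAMPLE_POSTS).items():
        print(post_id, "->", "; ".join(reasons))
```

Run against the sample thread, only post 2 is flagged: post 3 is the real account, post 4 is another customer, and post 5 has a brand-like handle but links to the brand’s own domain, so it is worth a lookalike alert in a takedown queue but is not treated as an active phish here. Requiring both the lookalike handle and the off-brand link keeps the false-positive rate tolerable on a high-volume feed; an analyst reviewing alerts still sees each rule that fired.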

Despite this growing threat, however, many security practitioners are not aligned with social media, Redmond says.

“The pace of adoption of social by enterprises and the pace of the risks that are evolving around that are growing much faster than people are addressing those risks,” he says.

An emerging space

The offerings of the vendors in this space vary. For example, ZeroFOX focuses largely on social media. Proofpoint covers social, mobile, web and email. LookingGlass integrates machine-readable and open-source feeds, analyst services, threat intelligence tools and appliances.

Whatever approach they take, more security companies are likely to join in since the market is still growing.

But even savvy companies are struggling to secure these channels. The hijacking of Skype’s official Twitter account in 2014 is proof—the Syrian Electronic Army wasted no time tweeting negative messages about Microsoft after taking over the account. Those tweets got some 8,000 retweets.

“Social media is the best attack platform for a nation-state actor and sophisticated cyber criminals, not just because it’s the easiest one to leverage for compromise, but it’s also completely anonymous,” Blair says.

Redmond expects mobile to be another rising digital frontier, as more bad actors use fraudulent apps to do things like harvesting credentials.

“If you look at it through the lens of bad actors, they’ve figured out all these are effective vehicles,” he says. They don’t have to break in anymore — they just have to pretend they’re someone else.

He adds, “They can do that more rapidly, at a greater scale, with less chance of detection.”



